FOCA – Metadata extractor for reconnaissance

When attacking any organization, some key reconnaissance the attacker look into is

  • Applications the users in the organization is using
  • Usernames
  • Operating Systems
  • Security Mechanism such as which AV Vendor

Having known this information the attacker sends an exploit which can be exploited by using some vulnerability in an application the intended persons uses.
This exploit should not be recognized by the AV the target org uses.

Generally, they use PDF exploits [zero day preferably] as most people use Adobe reader. In any well organized companies most of the critical softwares such as Adobe Reader is usually patched upto date.

So an alternate is use some other exploit that the victim uses. Some times social reconnaissance of weak users such as helpdesk can give you more information.

FOCA is one simple to use tool that downloads all the media files such as pdf, doc, xls etc., from the site and extract metacontent in those files. This information can be used maliciously by the attackers.


The Usernames identified can be useful for later purposes which can be username for some protected resources. Where bruteforce technique or password guessing techniques (with information from facebook, social engg) can be applied to crack into.


This metadata from various media files could be dangerous. There are some tools like MetashieldProtector which can be integrated to IIS which removes meta info when the files requested on a webserver.






About Uma Mahesh

A Creator/Equilizer. Creator/Equalizers are catalysts for positive, well-organized change. They never settle for the status quo. Instead, they see the opportunity for innovation in the processes that others have long taken for granted. They respect what's already operating, but they can't help but want to improve upon it. Their special combination provides innovation tempered with profound logic. They have incredible discernment. Should their efforts fail, they are unhesitating in accepting responsibility. They don't wallow in self-pity but rather see these missed attempts as critical steps on the path to success.
This entry was posted in Articles. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s